Quadlet - treat paths starting with systemd specifiers as absolute #17930
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ygalblum The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
ygalblum
force-pushed
the
quadlet-systemd-specifiers
branch
from
384c968 to
401f083
Compare
|
LGTM |
ygalblum
force-pushed
the
quadlet-systemd-specifiers
branch
from
401f083 to
1624f81
Compare
ygalblum
force-pushed
the
quadlet-systemd-specifiers
branch
from
1624f81 to
30f7432
Compare
pkg/systemd/quadlet/quadlet.go
Outdated
| @@ -969,7 +969,7 @@ func addNetworks(quadletUnitFile *parser.UnitFile, groupName string, serviceUnit | |||
| } | |||
|
|
|||
| func getAbsolutePath(quadletUnitFile *parser.UnitFile, filePath string) (string, error) { | |||
| if !filepath.IsAbs(filePath) { | |||
| if filePath[0] != '%' && !filepath.IsAbs(filePath) { | |||
There was a problem hiding this comment.
Absolutely non-blocking: A comment on the % special casing may help future readers.
But don't bother repushing for it.
There was a problem hiding this comment.
Following other comments, I changes the implementation to use a function and added an explanation on top of it. PTAL
test/system/252-quadlet.bats
Outdated
| local tmp_path=$(mktemp -d --tmpdir quadlet.volume.XXXXXX) | ||
| local tmp_dir=$(basename "$tmp_path") |
There was a problem hiding this comment.
I'm having a hard time understanding the point of doing this instead of using $PODMAN_TMPDIR
podman/test/system/helpers.bash
Lines 91 to 96 in 30619bb
I'm also finding it impossible to understand the systemd.unit(5) documentation for %T:
This is either /tmp or the path "$TMPDIR", "$TEMP" or "$TMP" are set to.
...because there is no indication of the process space in which those envariables are checked.
Anyhow. Please use $PODMAN_TMPDIR or provide an explanation as to why that's not possible.
There was a problem hiding this comment.
According to the line you've added, the base directory for PODMAN_TMPDIR can be overridden by setting BATS_TMPDIR. So, if the latter is set, the directory will not be created under /tmp which will cause systemd to point to a non-existing path. For this reason I wanted to ensure the location of the directory. But, if it is never really set, I can use PODMAN_TMPDIR
Having said that, the idea behind the test is to check the support for the systemd specifiers. I chose to use %T, but I don't mind using a different one (https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers), if you think it makes more sense.
Please let me know what you think
There was a problem hiding this comment.
From bats(7):
$BATS_TMPDIR is the base temporary directory used by bats to create its temporary files / directories. (default: $TMPDIR. If $TMPDIR is not set, /tmp is used.)
...but in your current implementation, you use mktemp --tmpdir, which:
...if DIR is not specified, use $TMPDIR if set, else /tmp.
...so as best I can tell, that's transitively equivalent to $PODMAN_TMPDIR... unless I'm missing something...
(and again, it still isn't clear to me what %T expands to. Presumably /tmp in root-systemd, but I have no clue what happens in user-systemd, and I think it's kind of important to understand and document that)
There was a problem hiding this comment.
OK, so I'll switch to using PODMAN_DIR and update the rest of the path accordingly.
As for %T, since for other specifiers the documentation provides information about root and user, I understand that it is the same for both. In addition, the tests pass, so it is probably true.
test/system/252-quadlet.bats
Outdated
| local file_name=hello.txt | ||
| local file_content="hello" |
There was a problem hiding this comment.
Why not use random_string here too? That eliminates a (small, unlikely) number of false negatives.
local file_name="f$(random_string 10).txt"
local file_content="data_$(random_string 15)"There was a problem hiding this comment.
Sure, great idea. I'll update it as part of whatever we decide on the previous comment
pkg/systemd/quadlet/quadlet.go
Outdated
| @@ -969,7 +969,7 @@ func addNetworks(quadletUnitFile *parser.UnitFile, groupName string, serviceUnit | |||
| } | |||
|
|
|||
| func getAbsolutePath(quadletUnitFile *parser.UnitFile, filePath string) (string, error) { | |||
| if !filepath.IsAbs(filePath) { | |||
| if filePath[0] != '%' && !filepath.IsAbs(filePath) { | |||
There was a problem hiding this comment.
Not sure if it is possible to set the path to an empty string but if it is this will cause a panic, you should check the len(filePath) > 0 before to avoid this.
There was a problem hiding this comment.
Added in the new startsWithSystemdSpecifier function
pkg/systemd/quadlet/quadlet.go
Outdated
| @@ -969,7 +969,7 @@ func addNetworks(quadletUnitFile *parser.UnitFile, groupName string, serviceUnit | |||
| } | |||
|
|
|||
| func getAbsolutePath(quadletUnitFile *parser.UnitFile, filePath string) (string, error) { | |||
| if !filepath.IsAbs(filePath) { | |||
| if filePath[0] != '%' && !filepath.IsAbs(filePath) { | |||
There was a problem hiding this comment.
Shouldn't there be a special case for %% ?
$ man systemd.unit | grep "Single percent"
│"%%" │ Single percent sign │ Use "%%" in place of "%" to specify a single │
Edit 1:
Ah, it quickly gets a bit complicated.
%U is the UID and would never start with a slash.
%h is the home directory and would always start with a slash.
Maybe there are also variants where it's not possible to conclude whether the expanded string starts with a slash or not.
Should the implementation go try to analyse all the different variants? Maybe it's not worth it. I don't know.
There was a problem hiding this comment.
Addressed in the startsWithSystemdSpecifier function
ygalblum
force-pushed
the
quadlet-systemd-specifiers
branch
from
30f7432 to
1b6190c
Compare
If a path (Yaml, ConfigMap, EnvFile) starts with a systemd path specifier, treat the path as absolute Add tests - unit, e2e and bats Signed-off-by: Ygal Blum <[email protected]>
ygalblum
force-pushed
the
quadlet-systemd-specifiers
branch
from
1b6190c to
da96ff6
Compare
|
@eriksjolund @Luap99 please take another look |
|
/lgtm |
github-actions
bot
added
the
locked - please file new issue/PR
If a path (Yaml, ConfigMap, EnvFile) starts with a systemd path specifier, treat the path as absolute
Add tests - unit, e2e and bats
Resolves: #17906
Does this PR introduce a user-facing change?
Yes